Spammers, and other abusers of Internet services, often use free web services as part of their business. For example, people who want to send spam e-mail often sign up for free e-mail accounts, or use free blogging services to host various aspects of their actions. The actions of these abusers can be detected after an account has been used in an abusive way. For example, sending a large number of e-mails per day, or sending e-mail with certain types of content, tends to suggest that an e-mail account is being used to send spam. After a certain amount of abusive activity has been detected, the account can be disabled. Since the accounts of suspected abusers are disabled quickly, abusers have to sign up for large numbers of accounts in order to carry out their plans at a large scale.
Since registration for web service is often gated by Human Interaction Proofs (HIPs—sometimes called “captchas”), people who want to sign up for large numbers of accounts have to find efficient ways to carry out the registration procedure. They can use Optical Character Recognition (OCR) engines or low-cost labor to solve HIPs. They can enlist “botnets”—i.e., machines infected with malware that is designed to carry out some or all of a registration procedure.
HIP schemes can be broken. For example, if an HIP scheme presents a challenge in the form of “type the text that you see,” an OCR engine can be used to solve the HIP. The precise techniques for obscuring the text can be changed frequently in order to confound the OCR engine. For example, different types of backgrounds or distorting lines can be used to obscure the characters shown in the challenge. However, OCR engines can be trained to handle new HIP schemes. Moreover, when human labor is employed to solve HIPs, mere changes to the way in which characters are obscured may be ineffective at preventing abusers from solving the HIPs and performing the registration procedure.